From 851f42ba277eec8081b8493d59a1506b6ce15c77 Mon Sep 17 00:00:00 2001 From: Luke Plant Date: Tue, 26 Oct 2010 18:09:20 +0000 Subject: [PATCH] Fixed #14565 - No csrf_token on 404 pages Thanks to gvangool for report and patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14356 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- django/views/defaults.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/django/views/defaults.py b/django/views/defaults.py index 68b9ad697c..08c49e0ca4 100644 --- a/django/views/defaults.py +++ b/django/views/defaults.py @@ -1,6 +1,8 @@ from django import http from django.template import Context, RequestContext, loader +from django.views.decorators.csrf import csrf_protect +@csrf_protect def page_not_found(request, template_name='404.html'): """ Default 404 handler. @@ -13,6 +15,7 @@ def page_not_found(request, template_name='404.html'): t = loader.get_template(template_name) # You need to create a 404.html template. return http.HttpResponseNotFound(t.render(RequestContext(request, {'request_path': request.path}))) +@csrf_protect def server_error(request, template_name='500.html'): """ 500 error handler.